Thursday, September 2, 2021

OpenEMR 6.0.0 Insecure Direct Object Reference

# Exploit Title: Openemr 6.0.0 - Insecure direct object references 
# Date: 31/8/2021
# Exploit Author: Allen Enosh Upputori
# Vendor Homepage: https://community.open-emr.org
# Version: 6.0.0
# Tested on: Linux
# CVE: 2021-40352

PoC: An attacker who has Physician Access can read messages with were sent to others members including admin messages the vulnerability exits in the print message feature = "pnotes_print.php?noteid=16" changing the "noteid=" to any other number will reveal the messages of everyone

https://github.com/allenenosh/CVE-2021-40352

 

Copyright © 2020 Cyber Details - Vulnerability Database™

Thanks for everything Templateism - You should have written the code a little more complicated